QRCode Suitefor WordPress
FRLoginStart free
Documentation

Privacy Settings

QRCode Suite is designed to collect the minimum data necessary for analytics while protecting scanner privacy. IP addresses are always hashed before storage, bot traffic is filtered automatically, and data retention is configurable. This guide explains each privacy setting and how to configure it for your compliance requirements.
  1. 1

    Open QR Suite › Settings › Privacy

    Navigate to QR Suite › Settings in your WordPress admin and click the "Privacy" tab. This is where all data-handling settings are configured.

  2. 2

    Review IP address hashing (always on)

    IP hashing is always enabled and cannot be disabled. Before any scan event is recorded, the scanner's IP address is hashed using SHA-256 with a per-installation random salt. The original IP is never written to the database. This is not a configurable option — it is enforced at the plugin level.

  3. 3

    Configure the data retention window

    Set how long QRCode Suite retains scan events in the database. The default is 365 days for Pro and 30 days for Free. Enter a value in days and save. A background task runs nightly to purge scan records older than the configured window.

  4. 4

    Configure bot filtering

    Bot filtering is enabled by default. QRCode Suite checks the user agent of every scan request against a list of 25+ known bot and crawler patterns. Matched requests are discarded before recording. Toggle "Log filtered bots" if you want to see the count of filtered requests in the analytics panel without counting them as real scans.

  5. 5

    Configure geolocation collection

    Geolocation is disabled by default. Toggle "Enable location tracking" to derive country and city from the hashed IP lookup. Note that geolocation data is approximate and based on IP geolocation databases — it may not be accurate for mobile networks or VPNs.

  6. 6

    Save and verify

    Click "Save Settings." Perform a test scan of any QR code and then open its analytics to confirm scan events are recorded with the data fields you expect. No raw IPs should appear anywhere in the admin.

Frequently asked questions

How does QRCode Suite handle IP addresses?

QRCode Suite never stores raw IP addresses. Before any scan event is recorded, the IP is hashed with SHA-256 plus a random per-installation salt. The original IP cannot be recovered from the hash.

Does QRCode Suite filter bot traffic?

Yes. QRCode Suite includes a bot detection library that filters 25+ known bot and crawler patterns before recording scan events, so your analytics reflect real human scans.

Is QRCode Suite compliant with GDPR?

QRCode Suite is designed with GDPR compliance in mind: IP addresses are hashed, raw IPs are never stored, data retention is configurable, and all data stays on your server. Consult your legal team for your specific compliance obligations.

Can I configure how long scan data is retained?

Yes. The Privacy Settings panel lets you set a retention window. Data older than the configured window is purged automatically.

Need help getting started?

Download the free plugin or browse all documentation.

Download PluginAll docs